f5643ea7a5
Doc updates from [mc RELEASE.2023-05-30T22-41-38Z](https://github.com/minio/docs/issues/870): [x] New --exit option for mc ping [x] Expiration date can be set when adding or editing a service account Staged: http://192.241.195.202:9000/staging/DOCS-870/linux/html/reference/minio-mc/mc-ping.html#mc.ping.-exit http://192.241.195.202:9000/staging/DOCS-870/linux/html/reference/minio-mc-admin/mc-admin-user-svcacct-add.html#mc.admin.user.svcacct.add.-expiry http://192.241.195.202:9000/staging/DOCS-870/linux/html/reference/minio-mc-admin/mc-admin-user-svcacct-edit.html#mc.admin.user.svcacct.edit.-expiry Fixes https://github.com/minio/docs/issues/870
4.8 KiB
mc admin user svcacct add
minio
Table of Contents
mc admin user svcacct add
Syntax
The mc admin user svcacct add command adds a new access
key to an existing MinIO or AD/LDAP user.
Access keys for OpenID Connect users
To generate service account access keys for OpenID Connect users <minio-external-identity-management-openid>,
use the MinIO Console <minio-console>.
EXAMPLE
The following command creates a new access key associated to an existing MinIO user:
mc admin user svcacct add \
--access-key "myuserserviceaccount" \
--secret-key "myuserserviceaccountpassword" \
--policy "/path/to/policy.json" \
myminio myuser The command returns the access key and secret key for the new account.
SYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin user svcacct add \
[--access-key] \
[--secret-key] \
[--policy] \
[--comment] \
ALIAS \
USERParameters
ALIAS
The alias <mc alias> of the MinIO deployment.
USER
The username of the user to which MinIO adds the new access key.
- For
MinIO-managed users <minio-users>, specify the access key for the user. - For
Active Directory/LDAP users <minio-external-identity-management-ad-ldap>, specify the Distinguished Name of the user. - For
OpenID Connect users <minio-external-identity-management-openid>, use theMinIO Console <minio-console>to generate access keys.
--access-key
A string to use as the access key for this account. Omit to let MinIO autogenerate a random 20 character value.
Access Key names must be unique across all users.
--comment
RELEASE.2023-05-18T16-59-00Z Replaced by ~mc admin user svcacct add --description and ~mc admin user svcacct add --name.
Originally added in version RELEASE.2023-01-28T20-29-38Z.
This option has been removed. Use --description or
--name instead.
--description
RELEASE.2023-05-18T16-59-00Z
Add a description for the service account. For example, you might specify the reason the service account exists.
--expiry
RELEASE.2023-05-30T22-41-38Z
Set an expiration date for the service account. The date must be in the future, you may not set an expiration date that has already passed.
Allowed date and time formats:
2023-06-242023-06-24T10:002023-06-24T10:00:002023-06-24T10:00:00Z2023-06-24T10:00:00-07:00
--name
RELEASE.2023-05-18T16-59-00Z
Add a human-readable name for the service account.
--policy
The path to a policy document <minio-policy> to attach to the
new access key, with a maximum size of 2048 characters. The attached
policy cannot grant access to any action or resource not explicitly
allowed by the parent user's policies.
--secret-key
The secret key to associate with the new account. Omit to let MinIO autogenerate a random 40-character value.